165
submitted 1 year ago* (last edited 1 year ago) by xtremeownage@lemmyonline.com to c/technology@lemmy.world

Both CloudNordic and Azero said that they were working to rebuild customers’ web and email systems from scratch, albeit without their data.

Yea.... Don't bother. But, do expect to hear from my lawyers.....

CloudNordic said that it “had no knowledge that there was an infection.” CloudNordic and Azero are owned by Denmark-registered Certiqa Holding, which also owns Netquest, a provider of threat intelligence for telcos and governments.

Edit-

https://www.cloudnordic.com/

all 26 comments
sorted by: hot top controversial new old
[-] demonsword@lemmy.world 22 points 1 year ago

Danish cloud host says customers 'lost all data' after ransomware attack

I'd hazard that that Danish cloud host probably lost all customers after that happened too

[-] xtremeownage@lemmyonline.com 27 points 1 year ago

If, I were a customer- I would be leaving for sure.

When- you pay a cloud vendor, you are generally paying to ensure a few things....

  1. That this stuff doesn't happen.
  2. That when this type of stuff does happen, they have a recovery plan / working backups.

And, when this hit the news, and I discovered they are owned by a company with a stake in cyber-security, I'd be jumping to a replacement pretty quickly... and staying far away from this company.

[-] TimeSquirrel@kbin.social 22 points 1 year ago

How do you fuck up this badly in 2023? I can see this happening in 1999.

[-] HellAwaits@lemm.ee 3 points 1 year ago

Ransomware attacks aren't new. Although, I find it weird that a cloud host doesn't have backups.

[-] On@kbin.social 18 points 1 year ago* (last edited 1 year ago)

CloudNordic said: “The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data

They did. They were affected too, if you read the article.

[-] exi@feddit.de 10 points 1 year ago

If your backups are online and not in a warehouse, you are doing it wrong. Even my own personal backups are on disconnected disks. What a bunch of amateurs.

[-] GenEcon@lemm.ee 4 points 1 year ago

If you don't know you are infected and you've been infected for a couple months, your backups are worthless.

[-] exi@feddit.de 5 points 1 year ago* (last edited 1 year ago)

That's why you do regular restore tests on separate systems. That should be standard procedure for any company. A fully encrypted disk should be noticable immediately.

[-] jeena@jemmy.jeena.net 13 points 1 year ago

Hm, so I can't rely on the Hetzner backup and should backup manually to a hard drive at home at least every now and then.

[-] r00ty@kbin.life 8 points 1 year ago

The fire ovh had created this problem for many. Some people's backups were in that data centre and they lost everything.

Yes, home backup and or cloud backup with a separate provider.

[-] Appoxo@lemmy.dbzer0.com 6 points 1 year ago

3 2 1 for a reason...

[-] autotldr@lemmings.world 8 points 1 year ago

This is the best summary I could come up with:


Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its datacenter systems, including its backups.

In a notice on its website translated from Danish, CloudNordic said: “The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data.”

The cloud host said that it believes the hackers had access to the company’s administrative systems “from which they could encrypt entire disks.”

It’s not clear how the ransomware attack began, but the company said that the attack happened — or was at least exacerbated — by moving infected systems from one datacenter to another datacenter that was “unfortunately wired to access our internal network that is used to manage all of our servers.” CloudNordic said that it “had no knowledge that there was an infection.”

At the time of writing, no ransomware group has appeared to publicly acknowledge or take credit for the cyberattack.

Both CloudNordic and Azero said that they were working to rebuild customers’ web and email systems from scratch, albeit without their data.


The original article contains 432 words, the summary contains 192 words. Saved 56%. I'm a bot and I'm open source!

[-] TwoGems@lemmy.world 7 points 1 year ago

So what is the safest encrypted cloud service these days?

[-] xtremeownage@lemmyonline.com 18 points 1 year ago

safest encrypted cloud service these days

None. Use your own encryption keys, and pre-encrypt your data.

If the cloud provider I use for storing my backups got pwned, the attacker would gain access to.... well, nothing, without my private keys. And- if you follow the 3.2.1. rule, you would lose nothing, because you have at least two other copies.

[-] TwoGems@lemmy.world 2 points 1 year ago

Thanks. What program do you use to easily encrypt before uploading?

[-] Nugget@lemm.ee 5 points 1 year ago

Duplicacy has worked well for me

[-] xtremeownage@lemmyonline.com 1 points 1 year ago

This is the solution I use as well.

Although, rclone is also a viable solution.

[-] andrew@lemmy.stuart.fun 2 points 1 year ago

Restic is really good too. I use it for my stuff.

[-] OfficerBribe@lemm.ee 5 points 1 year ago

Ouch, cannot imagine what everyone, who are involved in this, are thinking. Wonder how many customers they had and how many will go broke.

[-] PlutoniumAcid@lemmy.world 1 points 1 year ago

I might venture a guess how many customers they will have after this...

[-] cholesterol@lemmy.wtf 3 points 1 year ago* (last edited 1 year ago)

If you've ever heard of 'Chili Klaus' (maybe from Hot Ones), his entire website is completely gone.

[-] Mesaji@lemmy.world 2 points 1 year ago

Keeping data in one place would only result in misuse of data and data leaks.

this post was submitted on 23 Aug 2023
165 points (98.2% liked)

Technology

59340 readers
2302 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS